Closed Bug 368122 Opened 18 years ago Closed 18 years ago

see if we need any gecko security fixes for 0.3.1

Categories

(Calendar :: Security, defect)

Product:
Calendar
Component:
Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: dmosedale, Assigned: mattwillis)

References

Details

(Keywords: meta, Whiteboard: [fixed0.3.1]) 

Just need to track down gecko security fixes that have landed since we shipped, and see if we need to take any of them.
Flags: blocking-calendar0.3.1+
Group: security
I'm sure you do. What branch did you ship from, 1.8.0 or 1.8? we've had a lot of fixes since your release date on both branches (basically the same ones).

Hopefully Calendar ships with Javascript disabled and that would make you pretty safe from just about everything we've fixed but we could go over the list in detail.
Assignee: dveditz → dmose
Excitingly, we shipped Sunbird from a branch that we cut off the trunk, and shipped Lightning from 1.8.  I don't _think_ we currently render any foreign HTML at all, so I suspect we haven't bothered to disable JS (though perhaps we should do so anyway).
Depends on: 368851
Depends on: 368858
Keywords: meta
Assignee: dmose → lilmatt
All dependent bugs have been closed, and dveditz also thinks it's okay to close this one.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Whiteboard: [fixed0.3.1]
Group: security
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.